diff --git a/source/_posts/caddy-nixos-part-3.md b/source/_posts/caddy-nixos-part-3.md index 923007f..46232c9 100644 --- a/source/_posts/caddy-nixos-part-3.md +++ b/source/_posts/caddy-nixos-part-3.md @@ -306,6 +306,8 @@ To prevent any unnecessary request headers from being sent to the upstreams, I u header_upstream -cf-visitor header_upstream -true-client-ip header_upstream -cdn-loop + header_upstream -cf-request-id + header_upstream -cf-cache-status } mdleom.com { @@ -315,11 +317,12 @@ mdleom.com { } ``` -The upstream locations insert some information into the response headers that could like my server location. I use `header` directive to filter them out. It applies to all `proxy` directive. +The upstream locations insert some information into the response headers that are irrelevant to the site visitors. I use `header` directive to filter them out. It applies to all `proxy` directive. ``` header / { -server + -alt-svc -cdn-cache -cdn-cachedat -cdn-edgestorageid @@ -327,6 +330,9 @@ The upstream locations insert some information into the response headers that co -cdn-requestcountrycode -cdn-requestid -cdn-uid + -cf-cache-status + -cf-ray + -cf-request-id -etag -set-cookie -x-bytes-saved @@ -370,6 +376,8 @@ I also add the `Cache-Control` and `Referrer-Policy` to the response header. Use header_upstream -cf-visitor header_upstream -true-client-ip header_upstream -cdn-loop + header_upstream -cf-request-id + header_upstream -cf-cache-status } (staticallyCfg) { @@ -391,6 +399,7 @@ mdleom.com:4430 www.mdleom.com:4430 { header / { -server + -alt-svc -cdn-cache -cdn-cachedat -cdn-edgestorageid @@ -398,6 +407,9 @@ mdleom.com:4430 www.mdleom.com:4430 { -cdn-requestcountrycode -cdn-requestid -cdn-uid + -cf-cache-status + -cf-ray + -cf-request-id -etag -set-cookie -x-bytes-saved diff --git a/source/_posts/i2p-eepsite-nixos.md b/source/_posts/i2p-eepsite-nixos.md index c30c101..325ec5c 100644 --- a/source/_posts/i2p-eepsite-nixos.md +++ b/source/_posts/i2p-eepsite-nixos.md @@ -213,6 +213,16 @@ The rest are similar to "[caddyTor.conf](/blog/2020/03/16/tor-hidden-onion-nixos (removeHeaders) { header_upstream -cookie header_upstream -referer + header_upstream -cf-ipcountry + header_upstream -cf-connecting-ip + header_upstream -x-forwarded-for + header_upstream -x-forwarded-proto + header_upstream -cf-ray + header_upstream -cf-visitor + header_upstream -true-client-ip + header_upstream -cdn-loop + header_upstream -cf-request-id + header_upstream -cf-cache-status } (staticallyCfg) { @@ -227,6 +237,7 @@ ggucqf2jmtfxcw7us5sts3x7u2qljseocfzlhzebfpihkyvhcqfa.b32.i2p:8081 mdleom.i2p:808 header / { -server + -alt-svc -cdn-cache -cdn-cachedat -cdn-edgestorageid @@ -234,6 +245,9 @@ ggucqf2jmtfxcw7us5sts3x7u2qljseocfzlhzebfpihkyvhcqfa.b32.i2p:8081 mdleom.i2p:808 -cdn-requestcountrycode -cdn-requestid -cdn-uid + -cf-cache-status + -cf-ray + -cf-request-id -etag -set-cookie -strict-transport-security diff --git a/source/_posts/tor-hidden-onion-nixos.md b/source/_posts/tor-hidden-onion-nixos.md index 4feb2a2..1141d49 100644 --- a/source/_posts/tor-hidden-onion-nixos.md +++ b/source/_posts/tor-hidden-onion-nixos.md @@ -188,6 +188,16 @@ The rest are similar to "[caddyProxy.conf](/blog/2020/03/14/caddy-nix-part-3/#ca (removeHeaders) { header_upstream -cookie header_upstream -referer + header_upstream -cf-ipcountry + header_upstream -cf-connecting-ip + header_upstream -x-forwarded-for + header_upstream -x-forwarded-proto + header_upstream -cf-ray + header_upstream -cf-visitor + header_upstream -true-client-ip + header_upstream -cdn-loop + header_upstream -cf-request-id + header_upstream -cf-cache-status } (staticallyCfg) { @@ -202,6 +212,7 @@ xw226dvxac7jzcpsf4xb64r4epr6o5hgn46dxlqk7gnjptakik6xnzqd.onion:8080 { header / { -server + -alt-svc -cdn-cache -cdn-cachedat -cdn-edgestorageid @@ -209,6 +220,9 @@ xw226dvxac7jzcpsf4xb64r4epr6o5hgn46dxlqk7gnjptakik6xnzqd.onion:8080 { -cdn-requestcountrycode -cdn-requestid -cdn-uid + -cf-cache-status + -cf-ray + -cf-request-id -etag -set-cookie -strict-transport-security